Russian hackers who compromised DNC are targeting the Senate, company says

Russian hackers who compromised DNC are targeting the Senate, company says

Russian hackers set up websites that were meant to look like an email system available only to people using the Senate’s internal computer network, according to a report from a computer security firm. (J. Scott Applewhite/AP)

By Shane HarrisBy Shane HarrisJanuary 12 at 5:27 PM

The Russian hackers who stole emails from the Democratic National Committee as part of a campaign to interfere in the 2016 election have been trying to steal information from the U.S. Senate, according to a report published Friday by a computer security firm.

Beginning in June, the hackers set up websites meant to look like an email system available only to people using the Senate’s internal computer network, said the report by Trend Micro. The sites were designed to trick people into divulging their personal credentials, such as usernames and passwords.

The Associated Press was first to write about the report.

These “spear phishing” techniques are frequently used by the Russian group, which the company dubs Pawn Storm, to read or copy emails or other private documents.

“This group is politically motivated,” said Mark Nunnikhoven, Trend Micro’s vice president for cloud security.

Trend Micro has linked the group, better known as Fancy Bear, to activities targeting political organizations in Germany and the campaign of French President Emmanuel Macron. In 2016, U.S. intelligence agencies concluded the group, which officials say is associated with Russian military intelligence, stole emails from the DNC that were subsequently provided to WikiLeaks.

“The U.S. Senate, as a target, seems to represent the next step” in the group’s ambitions, Nunnikhoven said, because it is both a political body and also an institution of government.

Nunnikhoven said that his company had given information about Pawn Storm’s activities to the Senate. The office of the Senate sergeant at arms, which handles computer security for the chamber, declined to comment.

The Trend Micro report didn’t say whether the operation targeting the Senate had successfully stolen information, and Nunnikhoven declined to say because the matter is still being investigated.

A U.S. official said Russian and Chinese hackers regularly target American politicians, government employees and their associates, but declined to discuss whether any recent hacking efforts had been successful.

Pawn Storm’s campaign against the Senate comes as lawmakers prepare for midterm elections in November. Nunnikhoven said that the group has a pattern of targeting political organizations in the run-up to elections.

Targeting senators and their staff is “consistent with the pattern of what we’ve seen in the last few years,” when, ahead of a major political event, the group “tries to gain a foothold to gain access to an organization,” he said.

Trend Micro concluded that hacking campaigns against political organizations were unlikely to dissipate.

“Political organizations have to be able to communicate openly with their voters, the press and the general public. This makes them vulnerable to hacking and spear phishing,” the company said in its report.